Feature #6497
closed
Disabling TLS client-side renegotation
Description
I added support for completely disabling client renegotiation on SSL/TLS servers in r35797.
Client renegotiation is still considered a problem, even with secure renegotiation support.
It's now possible to either completely disable client renegotiation at all or to specify
a maximum number of handshakes. The feature is opt-in, the default is as it was before,
to allow arbitrary client renegotiation attempts. The feature is meant to help in
scenarios where the OpenSSL extension is used to run a server that should not support
client renegotiation for security reasons.
Because we don't support renegotiation in the OpenSSL extension, it wasn't possible
to write explicit test cases, but I created a simple server script [1] that can be
tested with tools such as OpenSSL's s_client [2]. For example, when running the
server script at [1], testing the feature could be accomplished by:
openssl s_client -connect localhost:8443
And then pressing 'R' and Enter, you should receive an error like this:
RENEGOTIATING
140639302223680:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:s3_pkt.c:591:
If you don't, any feedback is much appreciated!
[1] https://gist.github.com/2791400
[2] http://blog.ivanristic.com/2009/12/testing-for-ssl-renegotiation.html
Updated by